Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2013-11-20 06:12
Updated : 2018-10-30 09:27
NVD link : CVE-2013-4487
Mitre link : CVE-2013-4487
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
opensuse
- opensuse
gnu
- gnutls